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DETAILED ACTION 

A request for continued examination under 37 CFR 1.114, including the fee set 
forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.114, and the fee set 
forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 
1 0/30/07 has been entered. 

Claims 1-28 were examined and are pending. Well known art statements made 
in the prior office action not adequately or specifically traversed are taken as admittance 
of prior art as per MPEP 2144.03. 

Response to Amendment 

Applicant's amendments were fully considered. Any new objections or rejections 
made below are made in response to the amendments. Any objections or rejections not 
repeated below for record were withdrawn due to the amendments. 

Response to Arguments 

Applicant's remarks were fully considered. On page 1 1 of the response filed on 
10/30/07, applicant noted that claims 1, 15, 18, 20 and 24 were objected to in the last 
office action for informalities. Applicant argued that the objections appear to be in error 
because none of what the examiner objected to were present in the claims. Applicant 
assumed that the examiner was referring to an earlier set of claims than the one the 
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examiner should have reviewed for the office action mailed on 6/1 1/07. The examiner 
respectfully submits that no error was made by the examiner in making the objections. 
The examiner issued the office action with respect to the set of claims submitted on 
4/3/07, which contained all the informalities pointed out by the examiner. For example, 
with respect to claim 15, lines 10-11, applicant stated that applicant had already deleted 
"of the recipient". This is not the case. Applicant did not make amendments to 
overcome these objections until after the Final office action was mailed out (see claims 
submitted after final on 9/11/07), and as such the informalities objected to existed in the 
set of claims that was submitted for the examiner's consideration on 4/3/07. 

On page 1 1 of the response filed, applicant argues that the independent claims 
have been amended to include inherent language since the claims refer to using a 
public key of the secure distribution server that is used to encrypt the secret key. The 
examiner respectfully disagrees that the language that has been amended onto the 
independent claims was inherent to the claims. Using claim 1 as an example, the claim 
previously referred to receiving an encrypted secret key encrypted using a public key 
associated with a secure distribution server . A public key associated with a secure 
distribution server does not necessarily mean that the key belongs to the server, i.e. a 
public key of the secure distribution server. For example, the server could make use of 
a key, and in that respect the key would be associated with the server, but the key does 
not necessarily have to belong to the server. As such, applicant's amendment to the 
independent claims referring to receiving an encrypted secret key encrypted using a 
public key corresponding to a secure distribution server changes the scope of the 
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claims because a key which corresponds to the server implies that the key is not only 
associated with the server, but it also belongs to the server. Applicants amendments 
did not merely include something that was already inherent to the claims. Instead, 
applicant's amendments changed the scope of the claims by adding new limitations. 

Applicant argues on page 1 1 that the examiner in the last office action admitted 
that Perlman does not teach certain subject matter recited in the claim yet stated that 
"[i]t is not beyond the scope of his invention that a public key which corresponds to a 
specific intended recipient is used in place of a group secret key 314". The examiner 
respectfully submits that the examiner at no point stated that Perlman did not teach 
encrypting a secret key using a corresponding public key specific to the intended 
recipient and then later stated that Perlman taught this limitation. In the last office 
action, in response to applicant's argument (see p2 of Final office action mailed on 
6/1 1/07), the examiner pointed out that while Perlman does discuss an embodiment of 
his invention in which a group secret key 314 is used by a group server to encrypt a 
secret message key, he also disclosed that rather than use a group secret key 314 to 
encrypt the message key, a recipient's public key could instead be used (Fig 3 and col 
5, lines 55-61). The portions of Perlman cited shows that any of a recipient public key , 
group secret key, ssl session key, or certificate public key could be used to encrypt 
message key 204 by the group server. As such, the claimed subject matter that 
applicant is arguing was not expressly or inherently taught by Perlman was in fact 
expressly taught. No contradiction was made by the examiner in explaining Perlman's 
invention. 
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On page 12 of the remarks filed, applicant argues that group public key 107 is 
part of a public/private key pair that is associated with a group of valid recipients, thus 
group public key is not associated or does not correspond to a secure distribution server 
as required in the claim. The examiner first notes that as explained above, "associated 
with" and "corresponding to" are not necessarily synonymous as applicant seems to be 
arguing. It is recognized that public key 107 is associated with a group of recipients, but 
this does not mean that group public key 107 also does not correspond to a secure 
distribution server. Perlman discloses that a secret message key 204 is encrypted for 
transmission to a DLE using public key 107 to form encrypted message key 210 (col 5, 
lines 28-30 and col 6, lines 21-22). Encrypted message key 210 is then decrypted by 
group server 114 using private key 302 (col 5, lines 52-55). This means that public key 
107 and private key 302 are a public/private key pair. Group server 1 14 has private key 
302 in its possession, thus is private key 302 corresponds to group server 1 14, which 
means that public key 107 also corresponds to group server 1 14. Note that the 
examiner considers the combination of DLE and group server disclosed by Perlman as 
the claimed secure distribution server because Perlman discloses that the functionalities 
of the DLE and group server could be implemented as one unit, i.e. in the DLE (col 5, 
lines 52-55 and col 6, lines 1-5). As such, the limitation of receiving an encrypted secret 
key encrypted using a public key corresponding to a secure distribution server is met by 
Perlman since public key 107 belongs to group server 114 and is used to encrypt secret 
message key 204. The encrypted message key is sent as part bundle 212 to the DLE 
(col 5, lines 34-37). 
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Applicant argues in the paragraph spanning pages 12-13 of the remarks 
submitted that Perlman does not teach an encrypted secret key that is encrypted using 
a public key associated with a secure distribution server , and requested a showing by 
column and line number where Perlman teaches the subject matter if the rejection is 
maintained. The examiner respectfully submits that a showing was made in the last 
office action already. However, for record, the examiner will explain once more by 
citation of column and line number. As explained above already, the examiner 
considers the combination of the DLE and the group server of Perlman to be the 
claimed secure distribution server because Perlman discloses that the decrypting of the 
encrypted message key 210 (normally done by the group server) could be handled by 
the DLE (col 5, lines 52-55 and col 6, lines 1-5). In other words, the functionalities of 
the DLE and group server are combined into one DLE server unit. The group server as 
discussed in column 5, lines 48-61 decrypts encrypted message key 210, which was 
encrypted using public key 107 (col 5, lines 28-30 and col 6, lines 21-22). The 
decryption of encrypted message key 210 is accomplished using private key 302 (col 5, 
lines 53-55). This means that public key 107 and private key 302 are a public/private 
key pair. Since private key 302 belongs to/corresponds to group server 114, this means 
that public key 107 also belongs to/corresponds to group server 1 14 and as such 
message key 204 was encrypted using a public key associated with and corresponding 
to a secure distribution server. 

Applicant argues on page 13 with respect to claim 4 and other claims that the 
Response to Arguments section of the Final office action did not address applicant's 
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remarks with respect to these claims, thus these claims should be allowed. The 
examiner respectfully submits that the only remarks submitted for claim 4 and the other 
dependent claims in the remarks filed on 4/3/07 were that they were allowable because 
the independent claims were allowable. None of the arguments that applicant is 
referring to on pages 13-14 of the remarks filed on 10/30/07 were made until after the 
Final office action was already written and mailed. It is not reasonable to expect the 
examiner to respond to arguments which have not yet been made and therefore did not 
exist. Regardless, the newly presented arguments with respect to claim 4 on page 13 
of the remarks submitted on 10/30/07 were considered, but were not persuasive. 

Applicant argues that claim 4 requires that the secret key is encrypted with the 
public key associated with the secure distribution server to produce the encrypted 
secret key and sending the encrypted information and the encrypted secret key to the 
secure distribution server. Applicant argues such a limitation is not taught by Perlman. 
The examiner respectfully disagrees. On column 5, lines 25-26, Perlman discloses 
encrypting a message with a message key 204. Message key 204 itself is encrypted 
using public key 107 (col 28-30). Public key 107 and private key 302 form a 
public/private key pair (col 5, lines 30-34). Private key 302 corresponds to group server 
1 14 (col 5, lines 52-55) and as such, public key 107 also corresponds to group server 
114. As explained above already, the examiner considers the combination of the DLE 
and the group server as the claimed secure distribution server. As such, the secret key, 
i.e. message key 204, was encrypted with the public key (i.e. public key 107) associated 
with the secure distribution server (i.e. the DLE/group server) to produce the encrypted 
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secret key (i.e. encrypted message key 210). Perlman further discloses sending the 
encrypted information and the encrypted secret key to the secure distribution server (col 
5, lines 24-37). Note that bundle 212 contains both the encrypted message and the 
encrypted message key. Bundle 212 is disclosed as being sent to the DLE, thus is sent 
to the claimed secure distribution server. The limitation further recited in claim 4 is met 
by Perlman. 

i 

Applicant's arguments with respect to claim 5 were fully considered, but are moot 
in view of new rejections presented below. 

With respect to claims 9, 13, and 25, applicant argues that the mere forwarding 
and routing packets by nodes in the network is not equivalent to what is being claimed. 
Applicant states that for example, with respect to claim 9, not only is encrypted 
information received from a sender, the encrypted key using a public key of the secure 
distribution server is also received. Applicant states that since the rejection of claim 1 
equate the DLE and group server 1 14 of Perlman with the claimed secure distribution 
server, claim 9 requires that the encrypted information is also forwarded to the secure 
distribution server. Applicant states that Perlman would not allow the forwarding and 
routing of packets in the nodes in a network to take effect as alleged in the office action 
since Perlman teaches not to send the encrypted message to the group server. The 
examiner respectfully disagrees. As discussed above already, Perlman discloses that 
the DLE and group server's functionalities could be combined into one unit and 
performed by the DLE. Perlman discloses that after the message key and message is 
encrypted, a bundle 212 is formed and bundle 212 is sent through the DLE to the 
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recipients (col 5, lines 25-37). Since bundle 212 contains the encrypted message, 
contrary to applicant's arguments, what the examiner considers the secure distribution 
server receives not only the encrypted secret key, i.e. the encrypted message key 210, 
it also receives the encrypted information, i.e. the encrypted message 206, from a 
sender. When the additional well known teachings of forwarding information is taken 
into consideration, it makes obvious to one of ordinary skill in the art that both the 
encrypted information, i.e. encrypted message 206, and the encrypted secret key, i.e. 
the encrypted message key 210, is received and forwarded to the secure distribution 
server without decrypting the encrypted secret key since as explained in the office 
action, forwarding of packets in a network through intermediaries without the 
intermediaries modifying the packet (i.e. decrypting the packets) was well known in the 
art. 

Applicant argues on page 15 of the remarks submitted that blindly forwarding and 
routing of packets as alleged in the office action would materially change the operation 
of Perlman and which Perlman admitted can greatly compromise security. The 
examiner respectfully disagrees. Perlman does not in any manner teach that blindly 
forwarding and routing packets is forbidden or undesirable in his invention or that doing 
so would change the principle operation of his invention. A person of ordinary skill in 
the art would have basic knowledge of how networks work and would recognize that in 
most cases in a network, information is not transmitted directly from a source to a 
destination. Instead, packets are routed through one or more intermediary devices such 
as a switch, router, or repeater device before finally arriving at the destination. Perlman 
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does not state that including the forwarding and routing of packets can greatly 
compromise security as applicant is alleging. Instead, in column 6, lines 1-8 which was 
pointed to by applicant, Perlman recognized that the DLE could be used to handle both 
the forwarding of messages and the decrypting of the message key. In other words, the 
functionalities of the DLE and group server could in his invention be incorporated into 
one device, i.e. the DLE. He recognizes that if the DLE was not completely trusted, it 
could compromise security, but he at no point states that therefore in his invention, it is 
prohibited that the DLE could not handle both the forwarding of messages and the 
decryption of the encrypted message key. Perlman did not state that one should not 
blindly forward and route packets. 

With respect to claims 11,14, and 27, applicant reasserts the relevant remarks 
already made with respect to Perlman. However, because these relevant remarks were 
traversed, claims 11, 14, and 27 are also not allowable. 

With respect to claim 14, applicant also states that claim 14 adds additional novel 
and non-obvious subject matter. Applicant's arguments fail to comply with 37 
CFR 1.1 1 1(b) because they amount to a general allegation that the claims define a 
patentable invention without specifically pointing out how the language of the claims 
patentably distinguishes them from the references. 

Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 
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A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

Claims 1-4, 6-7, 10, 12, 15-24, 26, and 28 are rejected under 35 U.S.C. 102(e) 

as being anticipated by Perlman et al (US 6,912,656). 

Claims 1, 15, 18, and 20: 

As per claim 1, Perlman discloses: 
1 . Receiving encrypted information (i.e. encrypted message 21 0) from a sender for 
transmission to at least one intended recipient (col 5, lines 10-12 and 25-37) and 
receiving an encrypted secret key (i.e. encrypted message key 210) encrypted 
using a public key (i.e. public key 107) corresponding to a secure distribution 
server (col 5, lines 28-30 and 52-55). Note that encrypted message key 210 was 
encrypted using public key 107. The group server 114 decrypts encrypted 
message key 210 using private key 302 (col 5, lines 32-34 and 53-55). This 
means that public key 107 and private key 302 are a public/private key pair 
Since private key 302 corresponds to group server 114 (col 5, lines 5-10), public 
key 107 also corresponds to group server 1 14. The examiner considers the 
combination of the DLE and the group server as the claimed secure distribution 
server. Note that Perlman discloses that the DLE forwards messages (col 5, 
lines 34-37) while the group server decrypts the encrypted message key (col 5, 
lines 48-55). Perlman discloses that rather than use a separate group server, the 
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functionalities of the DLE and group server could be incorporated into the DLE 
(col 6, lines 1-5). 

2. Decrypting the encrypted secret key to produce a decrypted secret key (col 5, 
lines 52-54). 

3. Obtaining a corresponding public key of at least one intended recipient (Fig 3 and 
col 5, lines 55-60). 

4. Encrypting the decrypted secret key for the at least one intended recipient using 
a corresponding pubic key specific to the at least one intended recipient to 
produce at least one recipient specific secure secret key (Fig 3; col 2, lines 60- 
65; and col 5, lines 55-60 and 65-67). Note that after the group server decrypts 
encrypted message key 210, it re-encrypts the message key for transmission to 
at least one recipient. In column 5, lines 55-60, Perlman discloses that in his 
invention a variety of key types could be utilized to encrypt the decrypted secret 
message key. One of these key types is a public key 312 belonging/specific to at 
least one recipient. Encrypted message key 308 is formed from the encryption of 
the message key using public key 312 of the recipient. 

5. Forwarding the encrypted information sent by the sender and at least one 
recipient specific secure secret key for the at least one intended recipient (col 5, 
lines 14-15, 34-37, and 65-66). 

Claim 15 recites a method similar to claim 1 and is rejected for substantially 
similar reasons. The difference is that claim 15 recites that each of the steps of the 
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method recited in claim 1 is done by a secure distribution server. As explained above, 
the examiner considers the combination of the DLE and group server disclosed by 
Perlman as the claimed secure distribution server. Because each of the above steps 
discussed above as anticipated by Perlman are performed by the DLE and/or group 
server of Perlman, Periman also anticipates the method of claim 15. 

Claim 18 is directed to a network element comprising one or more processing 
devices operative to perform the method of claim 1 . Claim 1 8 is rejected for much the 
same reasons as claim 1 . The DLE/group server of Perlman is considered the one or 
more processing devices referred to in claim 18. 

Claim 20 is directed towards a computer storage medium comprising memory 
containing executable instructions that when read by one or more processing devices 
causes the one or more processing devices to perform the method of claim 1 . Claim 20 
is rejected for much the same reasons as claim 1. Note that Perlman's invention is 
implemented using a network of computer systems (Fig 1), thus a computer storage 
medium comprising memory containing executable instructions is inherent to his 
invention. 
Claim 24: 

Perlman discloses: 

1 . At least one sender (i.e. Fig 1 , sender 1 04) that encrypts information (i.e. 
message 105) with a secret key (i.e. message key 204) to produce encrypted 
information (i.e. encrypted message 206), encrypts the secret key with a public 
key (i.e. public key 107) associated with a network element (i.e. the combination 
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of DLE 10 and group server 114) to produce an encrypted secret key (i.e. 
encrypted message key 210), and during an online session, sends the encrypted 
information and the encrypted secret key to the network element (col 5, lines 10- 
37 and 48-55). Public key 107 and private key 302 form a public/private key pair 
(col 5, lines 32-34). Since private key 302 corresponds to group server 114, 
public key 107 also corresponds to the DLE/group server the examiner is 
considering the recited network element 

2. At least one intended recipient (Fig 1, recipients 106 and 108). 

3. At least one network element (i.e. the combination of DLE 110 and group server 
114), operatively coupled to the sender at least one intended recipient (Fig 1 and 
col 6, lines 1-5), including one or more processing devices operative to: 

a. Decrypt the encrypted secret key to produce a decrypted secret key (col 5, 
lines 52-54). 

b. Obtaining a corresponding public key of at least one intended recipient 
(Fig 3 and col 5, lines 55-60). 

c. Encrypt the decrypted secret key for the at least one intended recipient 
using a corresponding pubic key specific to the at least one intended 
recipient to produce at least one recipient specific secure secret key (Fig 
3; col 2, lines 60-65; and col 5, lines 55-60 and 65-67). Note that after the 
group server decrypts encrypted message key 210, it re-encrypts the 
message key for transmission to at least one recipient. In column 5, lines 
55-60, Perlman discloses that in his invention a variety of key types could 
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be utilized to encrypt the decrypted secret message key. One of these 
key types is a public key 312 belonging/specific to at least one recipient 
Encrypted message key 308 is formed from the encryption of the message 
key using public key 312 of the recipient. 
d. Forward the encrypted information sent by the sender and at least one 
recipient specific secure secret key for the at least one intended recipient 
(col 5, lines 14-15, 34-37, and 65-66). 

Claims 2, 16, and 21: 

Perlman further discloses determining a plurality of intended recipients and 
retrieving corresponding public keys of the plurality of intended recipients for encrypting 
the decrypted secret key (col 5, lines 10-18 and 53-60). 

Perlman discloses of at a plurality of intended recipients, i.e. recipient 106 and 
108. Note that in a public/private key system, the private key is kept secret by the 
owner of the public/private key pair. This implies that each recipient have its own 
corresponding public/private key pair. When the DLE/group server re-encrypts the 
message key for each recipient using each recipient's corresponding public key to form 
encrypted message key 308, the corresponding public key of the plurality of intended 
recipients has to be retrieved by the DLE/group server for encrypting the decrypted 
secret/message key. 
Claims 3, 17, and 22: 
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Perlman further discloses the step of encrypting the decrypted secret key with a 
corresponding public key of the at least one intended recipient includes encrypting a 
copy of the decrypted secret key for each intended recipient with a corresponding 
recipient public key (col 5, lines 16-18 and 53-60). 
Claim 4: 

Perlman further discloses encrypting information with the secret key to produce 
the encrypted information (col 5, lines 25-26), encrypting the secret key with the public 
key of the secure distribution server to produce the encrypted secret key (col 5, lines 
28-32 and 53-60), and sending the encrypted information and the encrypted secret key 
to the secure distribution server (col 5, lines 34-37). 
Claim 6: 

The limitation of storing the encrypted information locally on a device that 
performed the step of encrypting information with the secret key is inherent to Perlman's 
invention. To be able to encrypt and then forward the encrypted information/message 
to the secure distribution server (i.e. the DLE/group server), the device which performed 
the encryption process must store the encrypted information locally in memory before 
being able to send the encrypted information. 
Claim 7: 

Perlman further discloses encrypting the secret key, by a sending device, with a 
public key associated with at least one of a user of the sending device and the sending 
device (col 5, lines 28-30 and Fig 2). 
Claim 10: 



Application/Control Number: 10/092,277 Page 17 

Art Unit: 2135 

As per claim 10, Perlman further discloses of determining by the secure 
distribution server, if the encrypted information needs- to be sent to other entities, if so, 
encrypting the decrypted secret key using a public key associated with each of the 
additional entities (col 3, lines 45-48; col 5, lines 12-15, 48-48-60; and col 6, lines 1-5). 

Note that the message could be intended for multiple recipients, thus the public 
key of each of the recipients would have to be utilized to encrypt the secret/message 
key so that the encrypted message key could be sent to each of the recipients. 

Claim 23 recite limitations substantially similar to what is recited in claim 10 and 
is rejected for similar reasons. 
Claims 12, 19, and 26: 

As per claim 12, Perlman further discloses wherein retrieving the corresponding 
public keys of the plurality of intended recipients for encrypting the decrypted secret key 
includes obtaining the corresponding public keys from at least one of: a certificate 
retrieval and validation service, an LDAP lookup and a certificate directory lookup (col 5, 
lines 52-58 and 61-65 and col 7, lines 13-28). 

Claim 19 is directed to the one or more processing devices performing the 
method of claim 12, thus is rejected for similar reasons as claim 12. 

Claim 26 is directed to the network element performing the method of claim 12, 
thus is rejected for similar reasons as claim 12. 
Claim 28: 

Perlman further discloses the network element of comprising at least one 
processing device that include the means for decrypting (Fig 3, item 304), means for 
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obtaining a corresponding public key (Fig 3, item 312 and col 5, lines 50-60) and the 
means for encrypting the secret key (Fig 3, item 306). 



Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Note that with respect to the current application, it is determined that a person of 
ordinary skill in the art is someone having a BS in Computer Science/Engineering (or 
someone having equivalent industry experience) and has a basic understanding of how 
networks work and a basic understanding of symmetric and asymmetric key systems. 

Claims 5 is rejected under 35 U.S.C. 103(a) as being unpatentable over Perlman 
et al (US 6,912,656) in view of Leigh (US 7,284,067). 
Claim 5: 

Perlman discloses encrypting the secret key using a public key for a secure 
distribution server to produce a secure distribution server specific encrypted secret key 
(col 5, lines 28-32 and 52-55). Perlman does not explicitly disclose the encrypting is 
done using a public key for each of a plurality of secure distribution servers which 
produces a plurality of secure distribution server specific encrypted secret keys. 
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However, Leigh discloses that at the time applicant's invention was made, it was 
known in the art that it was desirable to connect multiple servers to a network for 
purposes of load balancing (col 1, lines 22-24). 

At the time applicant's invention was made, it would have been obvious to one 
skilled in the art to modify Perlman's invention such that rather than have one secure 
distribution server (i.e. DLE/group server), there were a plurality of secure distribution 
servers (as per Leigh's teachings). One skilled would recognize that because there are 
multiple secure distribution servers in the combination invention of Perlman and Leigh, 
the sender would then need to encrypt the secret key using the public key for each of 
the plurality of secure distribution servers to produce a plurality of secure distribution 
server specific encrypted secret keys. One skilled would have been motivated to modify 
Perlman's teachings in the manner discussed because it would prevent overburdening 
of Perlman's DLE/group server and because it would provide for network redundancy, 
which would allow messages to be sent even if some of the distribution servers went 
offline for whatever reason. 

Claim 8 is rejected under 35 U.S.C. 103(a) as being unpatentable over Perlman 
et al (US 6,912,656) in view of Ofir (US 2003/0007645). 
Claim 8: 

Perlman does not explicitly disclose digitally signing the information using a 
private signing key associated with at least one of a user of a sending device and the 
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sending device. However, Ofir discloses a message being signed with a sender's 
private key (paragraph 38). At the time applicant's invention was made, it would have 
been obvious to one skilled in the art in light of Ofir's teachings to modify Perlman's 
invention such that the information sent from the sender to the DLE/group server was 
digitally signed using a private signing key associated with at least one of a user of a 
sending device and the sending device. One skilled would have been motivated to do 
so because it would enable the recipient to authenticate the message as being sent by 
the sender (Ofir: paragraph 38). Being able to authenticate the identity of the sender of 
a message was a well known goal in field network communication. 

Claim 9 is rejected under 35 U.S.C. 103(a) as being unpatentable over Perlman 
et al (US 6,912,656) in view of Gehring (US 2002/01 16606). 
Claim 9: 

Perlman discloses the encrypted information and the encrypted secret key being 
sent by the sender (col 5, lines 34-37). Perlman does not explicitly disclose receiving 
the encrypted information and the encrypted secret key and forwarding the encrypted 
information and the encrypted secret key to the secure distribution server without 
decrypting the encrypted secret key. 

However, note that Perlman's invention is practiced in a network environment 
(Fig 1). Gehring discloses in paragraph 5 that in networks consisting of multiple 
interconnected nodes (i.e. such as the one disclosed by Perlman in Figure 1), some 
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nodes cannot communicate directly with each other. In these cases, it was known in 
the art that some nodes acted as relays that forwarded messages between nodes that 
cannot communicate directly with each other. In these known prior art networks, 
Gehring discloses that the forwarding nodes receives an encrypted message and 
forwards the encrypted message to its destination without decrypting the encrypted 
message (paragraph 6). Recall that in Perlman's invention, the message sent from the 
sender to the receiver is a bundle 212 consisting of the encrypted message/information 
and the encrypted secret/message key (col 5, lines 34-37). 

At the time applicant's invention was made, it would have been obvious to one 
skilled in the art to modify Perlman's invention such that it contained one or more 
forwarding nodes which Gehring disclosed was well known in the prior art such that the 
forwarding nodes received the encrypted information and the encrypted secret key and 
forwards the encrypted information and the encrypted secret key to the secure 
distribution server without decrypting the encrypted secret key. The rationale for why it 
would have been obvious to one skilled in the art is that networks such as the one 
utilized by Perlman to practice his invention typically contain several nodes which 
cannot communicate directly with each other, thus requires relay nodes to forward 
messages. Perlman's invention as disclosed by him is a system ready for improvement 
(i.e. needing relay nodes) and the use of the known relaying technique as discussed by 
Gehring does no more than yield the predictable result of having nodes in the network 
which relays bundle 212 from the sender to the DLE/group server without decrypting the 
bundle. 
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Claims 11 and 27 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Perlman et al (US 6,912,656) in view of Chen et al (US 5,832,208). 
Claims 11 and 27: 

Perlman discloses the steps of: encrypting the decrypted secret key using a 
public key and sending the encrypted information and the encrypted secret key. 

Perlman does not explicitly disclose the public key is associated with a content 
scanning device; the sending is to the content scanning device; receiving a result back 
from the content scanning device, forwarding the encrypted information based on the 
result sent by the content scanning device and based on at least one recipient specific 
secure secret key for at least one intended recipient. 

However, Chen discloses a virus scanner, i.e. content scanning device, being 
implemented on a server (col 5, lines 53-60). Chen discloses that emails sent to the 
server are scanned for viruses, an alert is generated if a virus is detected, and if 
possible, the virus is removed from the email attachment (col 5, lines 25-27 and col 7, 
lines 57-60). 

In light of Chen's teachings, it would have been obvious to one of ordinary skill in 
the art to have combined Perlman and Chen's teachings according to the limitations 
recited in claim 1 1 . One of ordinary skill would have been motivated to do so as 
scanning messages for viruses and removing the virus from email messages would 
prevent the spread of viruses to recipients of the email messages, which would 
compromise the recipient's system and any network they are attached to. 
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Claim 27 recites a network element which performs the limitations of the method 
recited in claim 1 1 and is rejected for the same reasons given in claim 1 1 . 



Claims 13 and 25 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Perlman et al (US 6,912,656). 
Claims 13 and 25: 

As per claim 13, Perlman further discloses encrypting information with the secret 
key to produce the encrypted information (col 5, lines 25-26), encrypting the secret key 
with the public key of the secure distribution server to produce the encrypted secret key 
(col 5, lines 28-32 and 53-60), and during an on line session, sending the encrypted 
information and the encrypted secret key to the secure distribution server (col 5, lines 
34-37. 

Perlman does not explicitly disclose the encryption of the information and secret 
key are done offline. However, the examiner submits that encrypting information and a 
secret key offline was well known in the art. For example, it is well known that a user 
can prepare an email message for sending on a laptop when the laptop does not have a 
network connection, i.e. if the user was on a plane for a business trip. The message is 
usually prepared to a state where the only thing needed to be able to send the email is 
a network connection. Later, when the laptop is connected to a network, the message 
can then be sent. It would have been obvious to have the encryption of the message 
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and key done offline prior to connecting to a network as the encryption process might 
take a long time and connection charges on the road can be expensive. 

In light of the above, it would have been obvious to one of ordinary skill in the art 
at the time the applicant's invention was made to have modified Perlman's invention 
according to the limitations recited in claim 13. The rationale for why it would have been 
obvious to one skilled in the art to modify Perlman's invention according to the 
limitations recited in claim 13 is that the application of the known technique of 
encrypting data while offline for later transmission during an online session would do no 
more than yield a predictable result of allowing Perlman's sender to encrypt information 
and the secret key while offline, which would allow Perlman's sender to prepare a 
message for sending even when not online. 

Claim 25 recites a similar limitation as claim 13 and is rejected for similar 
reasons. 

Claim 14 is rejected under 35 U.S.C. 103(a) as being unpatentable over Perlman 
et al (US 6,912,656) in view of Bouchard et al (US 2002/0091928). 
Claim 14: 

Perlman does not disclose sending the encrypted information to a time stamper 
and receiving a time stamped result prior to forwarding the encrypted information and 
the at least one recipient specific secure secret key to the at least one corresponding 
intended recipient. 
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However, Bouchard discloses time stamping a message by a time stamper prior 
to forwarding the message to a recipient (p3, paragraph 31, lines 11-15 and Fig 2). In 
light of Bouchard's teachings it would have been obvious to one of ordinary skill in the 
art at the time the applicant's invention was made modify Perlman's invention according 
to the limitations recited in claim 14. One of ordinary skill would have been motivated to 
do so as Bouchard discloses that applying a time stamp to a message allow for an audit 
log of the message, which is useful in preventing the repudiation of digitally-signed 
documents/messages (p3, paragraph 28). 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Ponnoreay Pich whose telephone number is 571-272- 
7962. The examiner can normally be reached on 9:00am-4:30pm Mon-Thurs. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu can be reached on 571-272-3859. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



Ponnoreay Pich 
Examiner 
Art Unit 2135 
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